A few days ago, I found a great article on Techdirt
that I really loved. "You’re Not As Secure As You Think… Except Maybe On Wireless Networks " does a great job of showing an example of how most people believe that wireless networks are insecure by nature, therefore, if the general population believes that, then they are in essence as secure as they believe they are. From all the work with wireless that I have done, I can fully agree with the way this article is presented.
Out of the box, wireless networks are extremely vulnerable and insecure. Through recent studies I have done, I can conclude that over 50% of Wireless Access Points (WAPs) are left with no security enabled - not even MAC address filtering or any type of encryption - WEP or WPA. WEP has been crackable now for a few years using programs like WEPcrack. MAC address spoofing is also easily done by using ifconfig in *nix and a simple registry change in Windows XP. Even WPA PSK has been cracked (WPA itself has not been cracked, but the PSK - private shared keys - is susceptible to brute force and has been cracked). So, when I read the article on Techdirt, I had to completely agree.
But, when I read the original article on Information Week that the Techdirt article referred to, I had to really stop and shake my head. In it, Matthew Friedman reports that Justin Peltier - a senior security consultant with Peltier Associates and leader of Web hacking seminars for the Computer Security Institute - goes on to say that "Properly configures, wireless is actually much more secure than wired networking" and that proper configuration using the WPA PSK has to be turned on to achieve this.
Search: Cosmos | BlogPulse
Submit: Digg This | Shout this! | Slashdot
Bookmark: Del.icio.us | Furl It | Spurl | Tag!RawSugar | Simpy This! | Shadows Tag! | Blink It | My Web
GirlGeekteete dotNet Tags: wireless, security, insecurity, WPA, SSID, WEP, MAC address, WAP
Technorati Tags: wireless, security, insecurity, techdirt, WPA, SSID, PSK, WEP, MAC, WEPCrack
No Comments »
